-
Notifications
You must be signed in to change notification settings - Fork 19.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: KeyStore improvement ideas #1987
Comments
@fjl How would one get a |
Sure, |
I like the idea of this refactoring. I would modify the interface a bit though :P type KeyStore interface {
Keys() ([]common.Address, error)
Store(*crypto.Key, string) error
Fetch(common.Address) (*crypto.Key, error)
Delete(common.Address) error
} i.e. Since the interface is a KeyStore, I don't see the need to have all methods contain "Key" in their name. However, the issue with this interface design is that I need the |
One part of this plan has been implemented in #2284. The keyStore interface is now located in package accounts, hidden from the API and looks like this: type keyStore interface {
// Loads and decrypts the key from disk.
GetKey(addr common.Address, filename string, auth string) (*Key, error)
// Writes and encrypts the key.
StoreKey(filename string, k *Key, auth string) error
// Joins filename with the key directory unless it is already absolute.
JoinPath(filename string) string
} |
This doesn't apply anymore. |
The key management infrastructure is currently split into several layers:
The general reasoning behind this design was to ensure that people wouldn't use
unencrypted keys. It was also supposed to anticipate an implementation of KeyStore that
talks to a hardware crypto device.
The interface has grown over time and isn't as flexible as it could be.
One particular example where the split hurts is that using KeyStorePlain still requires
'unlocking' the account with an empty passphrase because the account manager doesn't
know whether keys are encrypted. We could also use an in-memory KeyStore for testing,
but implementing one requires satisfying the whole interface.
I propose the following changes:
There are no other users of the interface apart from the
account manager.
This will shrink the interface to a mapping between addresses and keys.
The text was updated successfully, but these errors were encountered: